shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

269
active users

#scareware

0 posts0 participants0 posts today
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@cR0w" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cR0w</span></a></span> OFC that <em>is</em> a general problem.</p><p><span class="h-card" translate="no"><a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>landley</span></a></span> talked about that violation of <a href="https://infosec.space/tags/KISSprinciple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KISSprinciple</span></a> in a talk <a href="https://www.youtube.com/watch?v=SGmtP5Lg_t0&amp;t=26m5s" rel="nofollow noopener" target="_blank">over a decade ago.</a></p><p>Add to that the horrible track record of many vendors of <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> and we all can see the problem...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@cR0w" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cR0w</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@da_667" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>da_667</span></a></span> <em>nodds in agreement</em></p><ul><li>I'm convinced <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> won't <em>"fix"</em> <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> (by migrating to <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> and merely integrating a <a href="https://infosec.space/tags/WindowsSubsystemForLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsSubsystemForLinux</span></a> (aka. <a href="https://infosec.space/tags/Wine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wine</span></a>) instead of their botched <a href="https://infosec.space/tags/LinuxSubsystemForWindows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinuxSubsystemForWindows</span></a>) because they do get $$$$$$$$ from the <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a>-<a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a>-Industry that is <em>"<a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a>"-<a href="https://infosec.space/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a></em>!</li></ul><p>But the best are those <em>"<a href="https://infosec.space/tags/AV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AV</span></a>" Vendors</em> that use <a href="https://infosec.space/tags/ClownFlare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClownFlare</span></a> <em>"for <a href="https://infosec.space/tags/DDoS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DDoS</span></a>-Protection"</em> like some <a href="https://infosec.space/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> distributors from <a href="https://infosec.space/tags/Russia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Russia</span></a>.</p><ul><li>Makes them look really trustworthy!</li></ul><p>Personally, I just <a href="https://infosec.space/tags/ban" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ban</span></a> all <a href="https://infosec.space/tags/proproetary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proproetary</span></a> file.formats &amp; -protocols as a matter of principle!</p><p><a href="https://infosec.space/tags/CloudFlare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudFlare</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.space/@topher" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>topher</span></a></span> <a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a> is for the most part <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> aimed at scamming <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> which at best only works against kniwn threats and at worst is literal <a href="https://infosec.space/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> in and of itself selling user data to bad actors.</p><ul><li>There are commercial AV options for major distros, like <a href="https://infosec.space/tags/ESET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESET</span></a> <a href="https://www.eset.com/ie/" rel="nofollow noopener" target="_blank">offers</a> for all 3 big Desktop ones: @RedHat, <a href="https://infosec.space/tags/SUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SUSE</span></a> &amp; <a href="https://infosec.space/tags/UbuntuLTS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UbuntuLTS</span></a>...</li></ul><p>As for the rest one can just scan <a href="https://infosec.space/tags/Fileservers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fileservers</span></a> regularly and do so on <a href="https://infosec.space/tags/Mailservers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mailservers</span></a>, but existing tools to enforce quick and early updates on those distros already do most of the heavy lifting re: <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>... </p><p><a href="https://infosec.space/tags/JustSayling" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JustSayling</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://goatdaddy.net/profile/vvelox" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>vvelox</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@SecurityWriter" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SecurityWriter</span></a></span> +9001%</p><p>Also the fact that <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> gave birth to an entire cottage industry of <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> producers is already an indictment to it's shortcomings for any serious <a href="https://infosec.space/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a>.</p><ul><li>But if you need <em>"<a href="https://infosec.space/tags/CheckboxSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CheckboxSecurity</span></a>"</em> for some <a href="https://infosec.space/tags/compliance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>compliance</span></a> stuff, there are commercial solutions for that too.</li></ul><p>Cuz unlike <a href="https://infosec.space/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a>'s <a href="https://infosec.space/tags/MDM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MDM</span></a>, <a href="https://infosec.space/tags/InTune" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InTune</span></a> is a joke!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Kensan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Kensan</span></a></span> <span class="h-card" translate="no"><a href="https://waldvogel.family/@marcel" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>marcel</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@adfichter" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>adfichter</span></a></span> Das kommt hinzu...</p><p>Ich persönlich bin ja dafür dass <a href="https://infosec.space/tags/CCSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCSS</span></a> eine strikte <a href="https://infosec.space/tags/Produkthaftung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Produkthaftung</span></a> befolgen müssen - inklusive <a href="https://infosec.space/tags/Versicherung" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Versicherung</span></a> für <a href="https://infosec.space/tags/Folgesch%C3%A4den" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Folgeschäden</span></a> und Schadensersatzansprüche...</p><ul><li>Bei <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> würde ich dies nicht einsehen weil diese ja <em>kostenlos und ohne Haftung</em> angeboten wird - bei CCSS gibt es keinen rationalen Grund dies zu erlauben!</li></ul><p>Ohnehin gehört <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> wie <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> und <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> wie <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a> und der ganze andere <em>"<a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a>"</em> - <a href="https://infosec.space/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> verboten, weil alles was <a href="https://infosec.space/tags/Binaryblob" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Binaryblob</span></a>-<a href="https://infosec.space/tags/Kernelhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kernelhacks</span></a> erzeugen ist Mist!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://waldvogel.family/@marcel" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>marcel</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@Kensan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Kensan</span></a></span> <span class="h-card" translate="no"><a href="https://chaos.social/@adfichter" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>adfichter</span></a></span> die einzig wirksame <a href="https://infosec.space/tags/Konsequenz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Konsequenz</span></a> ist, sich konsequent entsprechender <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> als <a href="https://infosec.space/tags/Betriebssystem" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Betriebssystem</span></a> zu verweigern und keine <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> mit <a href="https://infosec.space/tags/Rootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rootkits</span></a> zu nutzen!</p><ul><li>Die <a href="https://infosec.space/tags/Sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sicherheit</span></a> sollte im Zweifelsfalle durch den <a href="https://infosec.space/tags/Maintainer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Maintainer</span></a> des Betriebssystems / der Distribution bereitgestellt und verifizierbar sein, und wenn jene*r keine Haftung dafür anbietet so ist diese dafür zu disqualifizieren.</li></ul><p>So einfach ist das!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@0xabad1dea" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>0xabad1dea</span></a></span> which confirms my own point.</p><ul><li><p>All <a href="https://infosec.space/tags/KernelLevelDrivers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KernelLevelDrivers</span></a> are <a href="https://infosec.space/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> and should not exist to begin with.</p></li><li><p>There was never a <a href="https://infosec.space/tags/LegitimateReason" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LegitimateReason</span></a> to allow said <a href="https://infosec.space/tags/Kernelhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kernelhacks</span></a> to exist.</p></li><li><p>Noone should've allowed this <a href="https://infosec.space/tags/scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scareware</span></a> to exist or signed it (<a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a>) nor used it and the <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> it was made for (<a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a>).</p></li><li><p>I sincerely hope they'll be made to face <a href="https://infosec.space/tags/accountability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>accountability</span></a> and <a href="https://infosec.space/tags/consequences" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>consequences</span></a> for this shitshow, and I mean not a <a href="https://infosec.space/tags/ClassAction" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClassAction</span></a> aka. <em>"<a href="https://infosec.space/tags/GetOutOfJailCheque" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GetOutOfJailCheque</span></a>"</em> that is insultingly low.</p></li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@howelloneill" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>howelloneill</span></a></span> call <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> as a subset of <a href="https://infosec.space/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a>, just like <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> aka. <em>"<a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a>"</em> and <em>"<a href="https://infosec.space/tags/AntiMalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AntiMalware</span></a>"</em> sold by 3rd parties withoit sourcecode access to the underlying systems' components!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> doesn't change the fact that I think the entire <a href="https://infosec.space/tags/CottageIndustry" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CottageIndustry</span></a> of <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> like <a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a> &amp; <a href="https://infosec.space/tags/AmtiMalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AmtiMalware</span></a> products shouldn't exist to begin with and instead <a href="https://infosec.space/tags/OS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OS</span></a> vendors - or at least those that charge for the privilegue of using their <a href="https://infosec.space/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> like <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> - should be obligated to keep their shit secure and maintain it.</p><ul><li>Unlike some nieche distro maintained by unpaid volunteers Microsoft has no problem to finance that!</li></ul><p>Espechally since most good <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> distros already offer that cheaper and better!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Mastokarl" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mastokarl</span></a></span> ich fragemich ehrr warum die <a href="https://infosec.space/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> vergeit und wieso <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> und <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> woe <a href="https://infosec.space/tags/CorwdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CorwdStrike</span></a> nicht illegal sind in <a href="https://infosec.space/tags/KRITIS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KRITIS</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://ruhr.social/@usi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>usi</span></a></span> <span class="h-card" translate="no"><a href="https://troet.cafe/@Thea_gruen" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Thea_gruen</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@tazgetroete" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tazgetroete</span></a></span> also ich sehe das genau andersherum:</p><ol><li><p><a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> und <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> wie <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a> gehört ausnahmslos verboten und die Entscheider*innen bei beiden Unternehmen &amp; Kundenunternehmen in Regress genommen!</p></li><li><p>Die Tatsache dass irgendwelche Kiddies den Perimeter des Flughafen durchbrechen und aufs Rollfeld und die Taxiways kommen konnten gehört aufgearbeitet, weil das sollte gem. <a href="https://infosec.space/tags/ICAO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ICAO</span></a> denen selbst unter Anwendung von Waffengewalt nicht möglich sein!! Hier haben die Seccies verkackt!!!</p></li></ol>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fedi.lynnesbian.space/@lynnesbian" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lynnesbian</span></a></span> see, that's why I'll soldier on and stick to <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>, <a href="https://infosec.space/tags/Mumble" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mumble</span></a>, <a href="https://infosec.space/tags/WebCall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebCall</span></a>, <a href="https://infosec.space/tags/JitsiMeet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JitsiMeet</span></a>, <a href="https://infosec.space/tags/VoIP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VoIP</span></a> and <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMail</span></a> and avoid <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> at all costs.</p><p>Cuz my time is way too precious to waste it on unpaid labour on people that are not only <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> but ignorant...</p><p>In return I can just reply to shit like <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a> <em>"Lol, who uses that <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a>?"</em> and provide evidenve that I wasn't impacted at all...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.town/@mttaggart" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mttaggart</span></a></span> I just don't use <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> not <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> and instead burden the load of <a href="https://infosec.space/tags/hardenibg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hardenibg</span></a> towards the Distro Maintainer as oer Contract...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://zug.network/@Zugschlus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Zugschlus</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@Cappyjax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Cappyjax</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.radio/@WB2EEE" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>WB2EEE</span></a></span> <span class="h-card" translate="no"><a href="https://donotsta.re/users/elly" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>elly</span></a></span> I disagree to some extend as <a href="https://nondeterministic.computer/@mjg59/112816011370924959" rel="nofollow noopener" target="_blank">Windows is in fact part of the Problem cuz on linux this would not have happened</a>...</p><ul><li>OFC allowing <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> in decisionmaker positions (regardless if regultors or corporations) is at best wrong and IMHO should he as illegal as hiring a freshly convicted (wire-)fraudster as CFO of a bank.</li></ul><p>The entire <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> / <a href="https://infosec.space/tags/DigitalSnakeoil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DigitalSnakeoil</span></a> industry should be outlawed as the fraudulent business model it is and security should be procured from the maintainers of the OS only...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://pfalz.social/@Saupreiss" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Saupreiss</span></a></span> Klar, nur bietet <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> nichtmals ansatzweise die Menge an <a href="https://infosec.space/tags/Support" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Support</span></a> und <a href="https://infosec.space/tags/Assurance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Assurance</span></a> an die <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> Distros wie <a href="https://infosec.space/tags/RHEL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RHEL</span></a> (Workstation), <a href="https://infosec.space/tags/SLES" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SLES</span></a> / <a href="https://infosec.space/tags/SLED" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SLED</span></a>, <a href="https://infosec.space/tags/UbuntuLTS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UbuntuLTS</span></a> und <a href="https://infosec.space/tags/OracleLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OracleLinux</span></a> abmnbieten obwohl <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> und besonders <a href="https://infosec.space/tags/WindowsServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsServer</span></a> deutlich teurer durchzulizensieren ist.</p><p>Außerdem ist das komplette <em>"<a href="https://infosec.space/tags/Antimalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antimalware</span></a>"</em> / <em>"<a href="https://infosec.space/tags/Antivirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Antivirus</span></a>"</em> - Business doch einfach nur <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> die auf <em>kongnitive Dissonanz</em> abzielt weil Leute die <a href="https://infosec.space/tags/WindowsDefender" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsDefender</span></a> misstrauen nicht gleich die <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> namens Windows mit enstorgen!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://pfalz.social/@Saupreiss" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Saupreiss</span></a></span> wer <a href="https://infosec.space/tags/Gvware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gvware</span></a> wie <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> und/oder <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> wie <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a> nutzt sollte <a href="https://infosec.space/tags/Hausverbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hausverbot</span></a> bei <a href="https://infosec.space/tags/KRITIS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KRITIS</span></a> haben!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://toot.yosh.is/@yosh" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>yosh</span></a></span> Same with like <a href="https://infosec.space/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> fuckups like <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a>.</p><ul><li><a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> like it amd <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> like <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> is being used because they ain't <em>painful enough</em>!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@simsus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>simsus</span></a></span> oder ein Bezriebssystem ohne jene <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> (<a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a>)...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://zug.network/@Zugschlus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Zugschlus</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@Cappyjax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Cappyjax</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.radio/@WB2EEE" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>WB2EEE</span></a></span> <span class="h-card" translate="no"><a href="https://donotsta.re/users/elly" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>elly</span></a></span> well, I'd rather not take or stay in a job than commit what I call <em>"Professional <a href="https://infosec.space/tags/Malpractice" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malpractice</span></a>"</em>!</p><ul><li>I know this makes me an outlier, but the fact that I did my job so well that everything I deployed runs like clockwork to this day amd that I'm not short of offers tells me that being a <em>honest <a href="https://infosec.space/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a></em> is the way to go morally instead of being a <a href="https://infosec.space/tags/bootlicker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bootlicker</span></a>!</li></ul><p>Again: We have this entire shitshow because we allow <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> and other dipshits to make up regulations on the spot.</p><ul><li>Also yes, there are means to harden <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> on Sesktops amd Servers beyond the already existing <a href="https://infosec.space/tags/CommonCriteria" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CommonCriteria</span></a> and <a href="https://infosec.space/tags/CIS2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CIS2</span></a> as well as beyond <a href="https://infosec.space/tags/PCIDSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PCIDSS</span></a> compliance and good Distros will even offer a warranty and assurance for that directly - something <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> just won't do for <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> no matter the amount of money one shoves down their throat!</li></ul><p>The fact that we even allow that <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> and <a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> [to even exist, espechally] in <a href="https://infosec.space/tags/CriticalInfrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CriticalInfrastructure</span></a> when in <em>both</em> cases their <a href="https://infosec.space/tags/EULA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EULA</span></a> explicitly bans that use-case is a testiment for the false priorities of regulators and their rules.</p><ul><li>So yeah, if a concrete-headed <a href="https://infosec.space/tags/TechIlliterate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterate</span></a> wants that they can have it - but not from or with me!</li></ul><p>And then they all whine about why noone wants to work for them... What a shitshow.</p> <p>Tell you what, I'd rather <a href="https://zug.network/@Zugschlus/112822635158064785" rel="nofollow noopener" target="_blank">welcome such meetings</a>, because the last time some CEO did that (with an absurd office mandate forcing a colleague into a 500km [one-way!] commute twice a week) they basically mobbed out the two best colleagues I had and subsequently imploded the Linux Infrastructure team.</p><ul><li>Last time I checked that company hadn't filled the vacancies and once Recruiters hear the story, they tend to fire said company as a client.</li></ul><p><a href="https://infosec.space/tags/Sarcasm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sarcasm</span></a> <a href="https://infosec.space/tags/venting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>venting</span></a> <a href="https://infosec.space/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdStrike</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Cappyjax" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Cappyjax</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.radio/@WB2EEE" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>WB2EEE</span></a></span> <span class="h-card" translate="no"><a href="https://zug.network/@Zugschlus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Zugschlus</span></a></span> <span class="h-card" translate="no"><a href="https://donotsta.re/users/elly" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>elly</span></a></span> </p><p>I disagree with <a href="https://mastodon.social/@Cappyjax/112821333101353573" rel="nofollow noopener" target="_blank">your assessment</a> to some extent, as on <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> there's not much of a tolerace or even acceptance of <a href="https://infosec.space/tags/rootkits" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rootkits</span></a> like <a href="https://infosec.space/tags/CorwdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CorwdStrike</span></a> for all the right reasons!</p><ul><li><a href="https://infosec.space/tags/Scareware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scareware</span></a> like that has <em>no legitimate reason to exist</em> and the only place I've seen that is on <a href="https://infosec.space/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> because people distrusting <a href="https://infosec.space/tags/WindowsDefender" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsDefender</span></a> and thus <a href="https://infosec.space/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> are unwilling to to what is <em>evidently the correct solution</em> and yeet Windows for good.</li></ul><p>Cuz it's not about <a href="https://infosec.space/tags/Fanboyism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fanboyism</span></a>, but a fact that most Windows - <a href="https://infosec.space/tags/Sysadmins" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sysadmins</span></a> (or rather decisionmakers for that matter) seem to be high on <a href="https://infosec.space/tags/Copium" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Copium</span></a> and refuse to take actual <a href="https://infosec.space/tags/consequences" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>consequences</span></a> but accept the <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittification</span></a> as a fact of life when it's not...</p><ul><li>Or am I the only one who remembers the rightful backclash when <a href="https://infosec.space/tags/ads" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ads</span></a> were shoved into <a href="https://infosec.space/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ubuntu</span></a> whilst on <a href="https://infosec.space/tags/Windows11" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows11</span></a> and <a href="https://infosec.space/tags/Windows10" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows10</span></a> people just seem to shrug their shoulders?</li></ul><p>It's just that this entire shitshow would not have happened on <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> because here we don't have an entire ecosystem of <a href="https://infosec.space/tags/ValueRemoving" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ValueRemoving</span></a> <em>"<a href="https://infosec.space/tags/AntiVirus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AntiVirus</span></a>"</em> bs being shoved on Desktops and Servers in the form of <a href="https://infosec.space/tags/Binaryblob" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Binaryblob</span></a> <a href="https://infosec.space/tags/Kernelhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kernelhacks</span></a>!</p>